pdf

Corporate Counsel: Unprepared for a Cyberattack? The DOJ Wants to Change That

October 16, 2018

The Department of Justice released revised cybersecurity guidelines after a report showed that, out of 3,000 IT professionals surveyed, 77 percent did not have a “cybersecurity incident response plan.” The DOJ’s recommendations call for companies to effectively plan for cybersecurity attacks by keeping senior management involved in the preparedness effort. “This is a serious enough issue that it cannot be left to the working level for the planning to be done. And management shouldn’t just get involved in the initial stage, they should be involved throughout as the plan is adopted and set into motion,” said Ronald Cheng, a data security and privacy partner at O’Melveny.